Re: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-11.txt

<L.Wood@surrey.ac.uk> Tue, 23 March 2010 21:24 UTC

From: L.Wood@surrey.ac.uk
To: touch@ISI.EDU, Internet-Drafts@ietf.org
Date: Tue, 23 Mar 2010 21:24:23 +0000
Cc: tcpm@ietf.org, i-d-announce@ietf.org
Subject: Re: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-11.txt

Do we absolutely need this document?

L.
________________________________________
From: tcpm-bounces@ietf.org [tcpm-bounces@ietf.org] On Behalf Of Joe Touch [touch@ISI.EDU]
Sent: 23 March 2010 21:21
To: Internet-Drafts@ietf.org
Cc: tcpm@ietf.org; i-d-announce@ietf.org
Subject: Re: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-11.txt

Hi, all,

The revisions in this document address the IESG DISCUSS issues.

Joe

Internet-Drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF.
>
>
>       Title           : The TCP Authentication Option
>       Author(s)       : J. Touch, et al.
>       Filename        : draft-ietf-tcpm-tcp-auth-opt-11.txt
>       Pages           : 48
>       Date            : 2010-03-23
>
> This document specifies the TCP Authentication Option (TCP-AO), which
> obsoletes the TCP MD5 Signature option of RFC-2385 (TCP MD5). TCP-AO
> specifies the use of stronger Message Authentication Codes (MACs),
> protects against replays even for long-lived TCP connections, and
> provides more details on the association of security with TCP
> connections than TCP MD5. TCP-AO is compatible with either static
> master key tuple (MKT) configuration or an external, out-of-band MKT
> management mechanism; in either case, TCP-AO also protects
> connections when using the same MKT across repeated instances of a
> connection, using traffic keys derived from the MKT, and coordinates
> MKT changes between endpoints. The result is intended to support
> current infrastructure uses of TCP MD5, such as to protect long-lived
> connections (as used, e.g., in BGP and LDP), and to support a larger
> set of MACs with minimal other system and operational changes. TCP-AO
> uses a different option identifier than TCP MD5, even though TCP-AO
> and TCP MD5 are never permitted to be used simultaneously. TCP-AO
> supports IPv6, and is fully compatible with the proposed requirements
> for the replacement of TCP MD5.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-11.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/